17 October, 2005
By Chris Talbot

According to a new study from Trend Micro, awareness of spyware is high, but the lack of knowledge and bolder end-user behavior has heightened the urgency around greater Internet security and education.

The study found that more than 87 per cent of corporate end-users are aware of spyware, but 53 per cent of survey respondents demand greater education from IT to better understand the threat. The findings indicate that awareness does not translate to knowledge, so users are looking to their IT departments to play a more protective role.

The study, which involved 1,200 end-users from organisations ranging from large multi-national corporations to small single-office businesses, was conducted in the U.S., Germany and Japan. It revealed several findings pertaining to end-user perceptions and behavior in the workplace, and many involved the growing problem of spyware. Encounters with spyware are growing, especially in small- and medium-sized businesses, the study concluded.

According to the study, spyware's prominence appears to be greatest in the U.S., where 40 per cent of end-users surveyed have encountered spyware at work, as compared to 14 per cent in Japan and 23 per cent in Germany. In all three countries, end-users from SMB organizations reported a greater number of encounters than larger enterprises.

Additionally, the survey found that U.S. end-users are five times more likely to fall victim than their German and Japanese counterparts. For businesses with IT organizations, nearly 40 per cent of respondents in the U.S. felt their IT departments could do more to help protect them against spyware.

Of the respondents who encounter spyware at work, only 45 per cent believed they had actually fallen victim. According to Trend Micro, this reveals a striking distinction between end-user awareness of the spyware threat and whether corporate end-users are knowledgeable enough to identify spyware infiltration, which quite often occurs without them knowing it.

Many respondents expect IT departments to provide further education in addition to protection. In Japan, 64 per cent felt that their IT departments could do more to educate them about spyware. Similar figures resulted in the U.S. (52 per cent) and Germany (45 per cent).

The report found that one of the most troubling findings was the admission from many respondents that they are more likely to engage in risky online behavior if they have an IT department for support.

"The challenge of maintaining security for businesses is compounded by the tendency of end users to engage in riskier computer activities while at work," said Ed English, vice president and chief technologist of anti-spyware at Trend Micro. "Spyware is a security issue that has now come of age, and while end users may question the effectiveness of anti-spyware solutions deployed by their IT departments, they also admit to relying heavily on IT for protection -- and many appear willing to ignore their personal responsibility of staying aware and protected through sensible online behavior."

According to the study, 26 per cent of American SMB workers and 21 per cent of American enterprise workers stated that they had fallen victim to spyware while at work. However, only seven per cent of SMB workers surveyed in Japan and Germany were aware of falling victim to spyware.

Reprinted by permission of Integrated mar.com (integratedmar.com), EchannelLine © Copyright 2005 Integratedmar.com Corporation.